Using Efficient Path Profiling to Optimize Memory Consumption of On-Chip Debugging for High-Level Synthesis

High-Level Synthesis (HLS) for FPGAs is attracting popularity and is increasingly used to handle complex systems with multiple integrated components. To increase performance and efficiency, HLS flows now adopt several advanced optimization techniques. Aggressive optimizations and system level integration can cause the introduction of bugs that are only observable on-chip. Debugging support for circuits generated with HLS is receiving a considerable attention. Among the data that can be collected on chip for debugging, one of the most important is the state of the Finite State Machines (FSM) controlling the components of the circuit. However, this usually requires a large amount of memory to trace the behavior during the execution. This work proposes an approach that takes advantage of the HLS information and of the structure of the FSM to compress control flow traces and to integrate optimized components for on-chip debugging. The generated checkers analyze the FSM execution on-fly, automatically notifying when a bug is detected, localizing it and providing data about its cause. The traces are compressed using a software profiling technique, called Efficient Path Profiling (EPP), adapted for the debugging of hardware accelerators generated with HLS. With this technique, the size of the memory used to store control flow traces can be reduced up to 2 orders of magnitude, compared to state-of-the-art

Accelerating Homomorphic Evaluation on Reconfigurable Hardware

Homomorphic encryption allows computation on encrypted data and makes it possible to securely outsource computational tasks to untrusted environments. However, all proposed schemes are quite inefficient and homomorphic evaluation of ciphertexts usually takes several seconds on high-end CPUs, even for evaluating simple functions. In this work we investigate the potential of FPGAs for speeding up those evaluation operations. We propose an architecture to accelerate schemes based on the ring learning with errors (RLWE) problem and specifically implemented the somewhat homomorphic encryption scheme YASHE, which was proposed by Bos, Lauter, Loftus, and Naehrig in 2013. Due to the large size of ciphertexts and evaluation keys, on-chip storage of all data is not possible and external memory is required. For efficient utilization of the external memory we propose an efficient double-buffered memory access scheme and a polynomial multiplier based on the number theoretic transform (NTT). For the parameter set (n=16384,log_2(q)=512) capable of evaluating 9 levels of multiplications, we can perform a homomorphic addition in 48.67 and a homomorphic multiplication in 0.94 ms

Evil from Within: Machine Learning Backdoors through Hardware Trojans

Backdoors pose a serious threat to machine learning, as they can compromise the integrity of security-critical systems, such as self-driving cars. While different defenses have been proposed to address this threat, they all rely on the assumption that the hardware on which the learning models are executed during inference is trusted. In this paper, we challenge this assumption and introduce a backdoor attack that completely resides within a common hardware accelerator for machine learning. Outside of the accelerator, neither the learning model nor the software is manipulated, so that current defenses fail. To make this attack practical, we overcome two challenges: First, as memory on a hardware accelerator is severely limited, we introduce the concept of a minimal backdoor that deviates as little as possible from the original model and is activated by replacing a few model parameters only. Second, we develop a configurable hardware trojan that can be provisioned with the backdoor and performs a replacement only when the specific target model is processed. We demonstrate the practical feasibility of our attack by implanting our hardware trojan into the Xilinx Vitis AI DPU, a commercial machine-learning accelerator. We configure the trojan with a minimal backdoor for a traffic-sign recognition system. The backdoor replaces only 30 (0.069%) model parameters, yet it reliably manipulates the recognition once the input contains a backdoor trigger. Our attack expands the hardware circuit of the accelerator by 0.24% and induces no run-time overhead, rendering a detection hardly possible. Given the complex and highly distributed manufacturing process of current hardware, our work points to a new threat in machine learning that is inaccessible to current security mechanisms and calls for hardware to be manufactured only in fully trusted environments

Privacy-preserving data analytics in cloud computing

The evolution of digital content and rapid expansion of data sources has raised the need for streamlined monitoring, collection, storage and analysis of massive, heterogeneous data to extract useful knowledge and support decision-making mechanisms. In this context, cloud computing o↵ers extensive, cost-e↵ective and on demand computing resources that improve the quality of services for users and also help service providers (enterprises, governments and individuals). Service providers can avoid the expense of acquiring and maintaining IT resources while migrating data and remotely managing processes including aggregation, monitoring and analysis in cloud servers. However, privacy and security concerns of cloud computing services, especially in storing sensitive data (e.g. personal, healthcare and financial) are major challenges to the adoption of these services. To overcome such barriers, several privacy-preserving techniques have been developed to protect outsourced data in the cloud. Cryptography is a well-known mechanism that can ensure data confidentiality in the cloud. Traditional cryptography techniques have the ability to protect the data through encryption in cloud servers and data owners can retrieve and decrypt data for their processing purposes. However, in this case, cloud users can use the cloud resources for data storage but they cannot take full advantage of cloud-based processing services. This raises the need to develop advanced cryptosystems that can protect data privacy, both while in storage and in processing in the cloud. Homomorphic Encryption (HE) has gained attention recently because it can preserve the privacy of data while it is stored and processed in the cloud servers and data owners can retrieve and decrypt their processed data to their own secure side. Therefore, HE o↵ers an end-to-end security mechanism that is a preferable feature in cloud-based applications. In this thesis, we developed innovative privacy-preserving cloud-based models based on HE cryptosystems. This allowed us to build secure and advanced analytic models in various fields. We began by designing and implementing a secure analytic cloud-based model based on a lightweight HE cryptosystem. We used a private resident cloud entity, called ”privacy manager”, as an intermediate communication server between data owners and public cloud servers. The privacy manager handles analytical tasks that cannot be accomplished by the lightweight HE cryptosystem. This model is convenient for several application domains that require real-time responses. Data owners delegate their processing tasks to the privacy manager, which then helps to automate analysis tasks without the need to interact with data owners. We then developed a comprehensive, secure analytical model based on a Fully Homomorphic Encryption (FHE), that has more computational capability than the lightweight HE. Although FHE can automate analysis tasks and avoid the use of the privacy manager entity, it also leads to massive computational overhead. To overcome this issue, we took the advantage of the massive cloud resources by designing a MapReduce model that massively parallelises HE analytical tasks. Our parallelisation approach significantly speeds up the performance of analysis computations based on FHE. We then considered distributed analytic models where the data is generated from distributed heterogeneous sources such as healthcare and industrial sensors that are attached to people or installed in a distributed-based manner. We developed a secure distributed analytic model by re-designing several analytic algorithms (centroid-based and distribution-based clustering) to adapt them into a secure distributed-based models based on FHE. Our distributed analytic model was developed not only for distributed-based applications, but also it eliminates FHE overhead obstacle by achieving high efficiency in FHE computations. Furthermore, the distributed approach is scalable across three factors: analysis accuracy, execution time and the amount of resources used. This scalability feature enables users to consider the requirements of their analysis tasks based on these factors (e.g. users may have limited resources or time constrains to accomplish their analysis tasks). Finally, we designed and implemented two privacy-preserving real-time cloud-based applications to demonstrate the capabilities of HE cryptosystems, in terms of both efficiency and computational capabilities for applications that require timely and reliable delivery of services. First, we developed a secure cloud-based billing model for a sensor-enabled smart grid infrastructure by using lightweight HE. This model handled billing analysis tasks for individual users in a secure manner without the need to interact with any trusted parties. Second, we built a real-time secure health surveillance model for smarter health communities in the cloud. We developed a secure change detection model based on an exponential smoothing technique to predict future changes in health vital signs based on FHE. Moreover, we built an innovative technique to parallelise FHE computations which significantly reduces computational overhead

Algorithmes de localisation distribués en intérieur pour les réseaux sans fil avec la technologie IEEE 802.15.4

The Internet of Things is finally blooming through diverse applications, from home automation and monitoring to health tracking and quantified-self movement. Consumers deploy more and more low-rate and low-power connected devices that provide complex services. In this scenario, positioning these intelligent objects in their environment is necessary to provide geo-localized services, as well as to optimize the network operation. However, indoor positioning of devices using only their radio interface is still very imprecise. Indoor wireless localization techniques often deduce from the Radio frequency (RF) signal attenuation the distances that separate a mobile node from a set of reference points called landmarks. The received signal strength indicator (RSSI), which reflects this attenuation, is known in the literature to be inaccurate and unreliable when it comes to distance estimation, due to the complexity of indoor radio propagation (shadowing, multi-path fading). However, it is the only metric that will certainly be available in small and inexpensive smart objects. In this thesis, we therefore seek algorithmic solutions to the following problem: is it possible to achieve a fair localization using only the RSSI readings provided by low-quality hardware? To this extent, we first study the behavior of the RSSI, as reported by real hardware like IEEE 802.15.4 sensor nodes, in several indoor environments with different sizes and configurations , including a large scale wireless sensor network. Such experimental results confirm that the relationship between RSSI and distance depends on many factors; even the battery pack attached to the devices increases attenuation. In a second step, we demonstrate that the classical log-normal shadowing propagation model is not well adapted in indoor case, because of the RSSI values dispersion and its lack of obvious correlation with distance. We propose to correct the observed inconsistencies by developing algorithms to filter irrelevant samples. Such correction is performed by biasing the classical log-normal shadowing model to take into account the effects of multipath propagation. These heuristics significantly improved RSSI-based indoor localization accuracy results. We also introduce an RSSI-based positioning approach that uses a maximum likelihood estimator conjointly with a statistical model based on machine learning. In a third step, we propose an accurate distributed and cooperative RSSI-based localization algorithm that refines the set of positions estimated by a wireless node. This algorithm is composed of two on-line steps: a local update of position¿s set based on stochastic gradient descent on each new RSSI measurement at each sensor node. Then an asynchronous communication step allowing each sensor node to merge their common local estimates and obtain the agreement of the refined estimated positions. Such consensus approach is based on both a distributed local gradient step and a pairwise gossip protocol. This enables each sensor node to refine its initial estimated position as well as to build a local map of itself and its neighboring nodes. The proposed algorithm is compared to multilateration, Multi Dimensional Scaling (i.e. MDS) with modern majorization problem and classical MDS. Simulation as well as experimental results obtained on real testbeds lead to a centimeter-level accuracy. Both landmarks and blind nodes communicate in the way that the data processing and computation are performed by each sensor node without any central computation point, tedious calibration or intervention from a human.L¿internet des objets se développe à travers diverses applications telles que la domotique, la surveillance à domicile, etc. Les consommateurs s¿intéressent à ces applications dont les objets interagissent avec des dispositifs de plus en plus petits et connectés. La localisation est une information clé pour plusieurs services ainsi que pour l¿optimisation du fonctionnement du réseau. En environnement intérieur ou confiné, elle a fait l¿objet de nombreuses études. Cependant, l¿obtention d¿une bonne précision de localisation demeure une question difficile, non résolue. Cette thèse étudie le problème de la localisation en environnement intérieur appliqué aux réseaux sans fil avec l¿utilisation unique de l¿atténuation du signal. L¿atténuation est mesurée par l¿indicateur de l¿intensité du signal reçu (RSSI). Le RSSI est connu dans la littérature comme étant imprécis et peu fiable en ce qui concerne l¿estimation de la distance, du fait de la complexité de la propagation radio en intérieur : il s¿agit des multiples trajets, le shadowing, le fading. Cependant, il est la seule métrique directement mesurable par les petits objets communicants et intelligents. Dans nos travaux, nous avons amélioré la précision des mesures du RSSI pour les rendre applicables à l¿environnement interne dans le but d¿obtenir une meilleure localisation. Nous nous sommes également intéressés à l¿implémentation et au déploiement de solutions algorithmiques relatifs au problème suivant : est-il possible d¿obtenir une meilleure précision de la localisation en utilisant uniquement les mesures de RSSI fournies par les n¿uds capteurs sans fil IEEE 802.15.4 ? Dans cette perspective, nous avons d¿abord étudié le comportement du RSSI dans plusieurs environnements intérieurs de différentes tailles et selon plusieurs configurations , y compris un réseau de capteurs sans fil à grande échelle (SensLAB). Pour expliquer les résultats des mesures, nous avons caractérisé les objets communicants que nous utilisons, les n¿uds capteurs Moteiv TMote Sky, par une série d¿expériences en chambre anéchoïque. Les résultats expérimentaux confirment que la relation entre le RSSI et la distance dépend de nombreux facteurs même si la batterie intégrée à chaque n¿ud capteur produit une atténuation. Ensuite, nous avons démontré que le modèle de propagation log-normal shadowing n¿est pas adapté en intérieur, en raison de la dispersion des valeurs de RSSI et du fait que celles-ci ne sont pas toujours dépendantes de la distance. Ces valeurs devraient être considérées séparément en fonction de l¿emplacement de chaque n¿ud capteur émetteur. Nous avons proposé des heuristiques pour corriger ces incohérences observées à savoir les effets de la propagation par trajets multiples et les valeurs aberrantes. Nos résultats expérimentaux ont confirmé que nos algorithmes améliorent significativement la précision de localisation en intérieur avec l¿utilisation unique du RSSI. Enfin, nous avons étudié et proposé un algorithme de localisation distribué, précis et coopératif qui passe à l¿échelle et peu consommateur en termes de temps de calcul. Cet algorithme d¿approximation stochastique utilise la technique du RSSI tout en respectant les caractéristiques de l¿informatique embarquée des réseaux de capteurs sans fil. Il affine l¿ensemble des positions estimées par un n¿ud capteur sans fil. Notre approche a été comparée à d¿autres algorithmes distribués de l¿état de l¿art. Les résultats issus des simulations et des expériences en environnements internes réels ont révélé une meilleure précision de la localisation de notre algorithme distribué. L¿erreur de localisation est de l¿ordre du centimètre sans aucun n¿ud ou unité centrale de traitement, ni de calibration fastidieuse ni d¿intervention humaine